diff --git a/dashboard/src/components/MailRelaySettingsItem.vue b/dashboard/src/components/MailRelaySettingsItem.vue
index ac127855e..770e28d58 100644
--- a/dashboard/src/components/MailRelaySettingsItem.vue
+++ b/dashboard/src/components/MailRelaySettingsItem.vue
@@ -39,7 +39,7 @@ const adminDomain = ref('');
 const provider = ref('cloudron-smtp');
 const host = ref('');
 const port = ref(1);
-const acceptSelfSignedCerts = ref(true);
+const acceptSelfSignedCerts = ref(false);
 const serverApiToken = ref('');
 const username = ref('');
 const password = ref('');
@@ -64,6 +64,15 @@ function usesPasswordAuth(provider) {
 }
 
 function onProviderChange() {
+  // reset the form
+  host.value = '';
+  port.value = 587;
+  acceptSelfSignedCerts.value = false;
+  serverApiToken.value = '';
+  username.value = '';
+  password.value = '';
+
+  // prefill from preset
   const tmp = providers.find(p => p.provider === provider.value);
   if (!tmp) return;
 
@@ -182,7 +191,7 @@ async function onSubmit() {
 
             <FormGroup v-if="usesPasswordAuth(provider)">
               <label for="passwordInput">{{ $t('email.outbound.mailRelay.password') }}</label>
-              <PasswordInput id="passwordInput" v-model="password" required />
+              <TextInput id="passwordInput" v-model="password" required />
             </FormGroup>
           </fieldset>
         </form>
diff --git a/src/mail.js b/src/mail.js
index dc8035a37..faa82a576 100644
--- a/src/mail.js
+++ b/src/mail.js
@@ -791,8 +791,8 @@ async function clearDomains() {
 // remove all fields that should never be sent out via REST API
 function removePrivateFields(domain) {
     const result = _.pick(domain, ['domain', 'enabled', 'mailFromValidation', 'catchAll', 'relay', 'banner']);
-    if (result.relay.provider !== 'cloudron-smtp') {
-        if (result.relay.username === result.relay.password) result.relay.username = constants.SECRET_PLACEHOLDER;
+    if ('password' in result.relay) {
+        if ('username' in result.relay && result.relay.username === result.relay.password) result.relay.username = constants.SECRET_PLACEHOLDER;
         result.relay.password = constants.SECRET_PLACEHOLDER;
     }
     return result;
@@ -838,10 +838,8 @@ async function setMailRelay(domain, relay, options) {
     if (!domain) throw new BoxError(BoxError.NOT_FOUND, 'Mail domain not found');
 
     // inject current username/password
-    if (result.relay.provider === relay.provider) {
-        if (relay.username === constants.SECRET_PLACEHOLDER) relay.username = result.relay.username;
-        if (relay.password === constants.SECRET_PLACEHOLDER) relay.password = result.relay.password;
-    }
+    if (relay.username === constants.SECRET_PLACEHOLDER) relay.username = result.relay.username;
+    if (relay.password === constants.SECRET_PLACEHOLDER) relay.password = result.relay.password;
 
     if (!options.skipVerify) {
         const error = await verifyRelay(relay);